The present invention relates to the technical goal of facilitating the use of email (electronic mail) and similar broadcast or targeted transmission mechanisms by protecting confidential and proprietary information which is transmitted through such mechanisms, and/or by automatically disposing of information copies after their receipt. The invention relates more particularly to methods, systems, signals, and articles of manufacture for embedding information in a program or file which removes itself from the computer system after being opened and read by an authorized reader.
Email is a very useful tool for promoting communication between people who are separated by distance, by different working hours, or both. However, email is sometimes inconvenient and sometimes less secure than desired. Both of these shortcomings hinder the use of email as a mechanism for broadcasting information to many people and/or transmitting information to one or a few specific targets.
For instance, email creates security concerns which have not been fully addressed. An email transmission often creates multiple copies of the emailed message on Internet Service Provider servers and other nodes in a computer network. Email and similar mechanisms are made less secure by the possibility of unauthorized access to copies of transmitted information.
One approach to protecting confidential or proprietary information in email messages is for an email recipient to delete the messages by using the email Delete command, by dragging the messages in question to a trash can, or by similar steps. However, files and messages deleted in this manner are often simply marked as free space, and little or none of the contents of the deleted items is actually destroyed. Accordingly, programs have been developed which electronically xe2x80x9cshredxe2x80x9d files by overwriting the file contents. A similar step could be taken to electronically xe2x80x9cshredxe2x80x9d specific email messages, although this has apparently not yet been done. Some electronic shredding programs also seek out any copies of the files that are stored in one or more predetermined locations and overwrite those copies.
However, such electronic shredding programs are limited in scope in that they only shred local copies of the message. Copies are often stored elsewhere, such as on the message originator""s computer and in many cases on intervening network nodes such as the message originator""s ISP""s server. These remote copies are not reached by a conventional shredder. Accordingly, some copies of the email may remain even after the electronic shredding process is xe2x80x9ccomplete.xe2x80x9d One solution would provide a shredding program based on the message recipient""s system with destructive access to the message originator""s system. However, this would pose serious security risks and would also create logistical problems and administrative burdens.
Another approach to protecting confidential or proprietary information in email messages is for an email originator to encrypt the messages, which are then decrypted by the recipient to obtain a xe2x80x9cplaintextxe2x80x9d version of the message contents. Encryption and shredding can be used as alternatives or in conjunction with each other. Even if some encrypted copies remain after others are shredded, protection is provided to the extent that serious effort is needed to decrypt the email message. Encryption software is increasingly available, and a commercially viable infrastructure supporting it through the use of public keys, certificates, and the like is beginning to develop.
However, serious challenges are still posed by encryption key management in general, and are posed in particular by the difficulty of making certain that the message originator and the authorized message recipient have the necessary key or keys and that other persons do not. Also, once a copy of the encrypted message is made, that copy may be retrieved at some later time (possibly much later) and removed to a convenient site where it can be subjected to attack without any protection except the encryption itself.
Email also creates annoyances which have not been fully addressed. One common source of annoyance is xe2x80x9cspamxe2x80x9d email, namely, unsolicited email sent to multiple recipients. Unlike passive advertising, such as pop-up and banner ads on websites, and ads in more traditional print, radio, or television media, xe2x80x9cspamxe2x80x9d email seeks out its audience, and thrusts itself into the viewer""s field of attention without being invited. This can be very annoying because it interrupts other activities, consumes system resources, and perhaps most importantly, requires active efforts by recipients who want to dispose of these unwanted messages.
Some email systems provide filters that detect at least some incoming unsolicited email and either deletes it or, more typically, places it in a directory or folder reserved for such messages. But filters sometimes err, either by characterizing as unsolicited email a message that is not, or by failing to detect unsolicited email and letting it through with the normal correspondence from familiar senders. Thus, it would be helpful to provide some alternate or additional means for disposing of unsolicited email.
Some unsolicited email includes a statement that sending a reply with xe2x80x9cREMOVExe2x80x9d in the subject field will remove the recipient from the mailing list. It has been alleged, however, that any reply to some such unsolicited email will simply confirm that the address to which the unsolicited mail was sent is xe2x80x9cgoodxe2x80x9d (meaning someone actually looked at the unsolicited email) and that a reply asking to be removed from the mailing list may therefore have an effect opposite from the intended effect. If this is so, then only addresses from which no reply is received would have a chance of being removed from the list.
Television and radio xe2x80x9cspotsxe2x80x9d which broadcast an advertisement without taking up storage space on the receiver (televisions and radios generally lack permanent storage such as hard disks) are known, although this characterization of them as not requiring recipient storage resources and proactive deletion by the recipient may be new.
Accordingly, it would be an advancement to provide an improved approach to protecting against the unwanted disclosure of confidential or proprietary information by reducing the risk of improper access to copies of an email message.
Likewise, it would be an advancement to provide an improved approach to email which moves the email disposal burden off the shoulders of the recipient. In particular and without limitation, it would be an advance to make public notices sent through email less onerous to recipients, and likewise to make email advertisements (including without limitation coupons, contact information, descriptions of goods and/or services, comparisons, and promotional materials) available to multiple recipients without requiring that recipients affirmatively remove unwanted advertisements from their computer systems or create a reply message having REMOVE or another keyword in the subject, to indicate their lack of interest in the subject matter being advertised.
Such approaches for improved email are disclosed and claimed herein.
The present invention relates to methods, articles, signals, and systems for self-removing email messages. Self-removal of email (or other transmitted digital information presentations) can provide at least two advantages. First, self-removing email can be used to enhance the security of a system by reducing the number of message copies and the life span of those copies. Second, self-removing email can be used to reduce the inconvenience of unsolicited email by making it possible for officials, advertisers, and other broadcast email originators to present messages that do not have to be manually removed by the target audience. A given method, article, signal, or system may use self-removing email to enhance message security, to reduce recipient annoyance, or both.
In some embodiments, self-removing email messages are encrypted with conventional tools and techniques. To further enhance security, a message is closely coupled to executable code which reduces the number of copies of the message. Some versions of the code allow any given copy of the message to be viewed at most once.
In some embodiments, self-removing email messages contain advertisements, but the invention may also be used to broadcast or otherwise transmit self-removing email messages which contain other materials that, at least by default, are not stored long-term on the recipient""s hard disk or on other intervening nodes (the self-removal action may sometimes be expressly overridden). For instance, confidential materials, and other materials directed to a limited audience such as public notices (changes in the law, election results, tax auction notices, public hearing announcements, and so on), private club notices, and materials intended for mature audiences, may also be transmitted in self-removing email messages.
Unlike traditional email, self-removing email places the burden of selecting messages for removal and then removing them on the software and on the message originator, instead of on the message recipient. xe2x80x9cSpamxe2x80x9d advertising methods become much less onerous to recipients if the email carrying the advertisements is as effortlessly ephemeral (from the recipient""s point of view) as a television or radio commercial. Other aspects and advantages of the present invention will become more fully apparent through the following description.